Auto binary update for suit_manifest_process command (#38)

* update: automatically generate binaries for process command * fix: depend on S0 example * update: Dockerfiles for CI * update: clean sub dir * fix: typo * fix: typo
kentakayama · Oct 28, 2024 · 354c6cf · 354c6cf
1 parent 1a14cc6
commit 354c6cf
Show file tree

Hide file tree

Showing 10 changed files with 58 additions and 134 deletions.
diff --git a/.github/workflows/docker-image-ossl.yml b/.github/workflows/docker-image-ossl.yml
@@ -16,4 +16,6 @@ jobs:
     steps:
     - uses: actions/checkout@v3
     - name: Build the Docker image
-      run: docker run -t $(docker build -q -f ossl.Dockerfile .)
+      run: |
+        docker build -t libcsuit_ossl -f ossl.Dockerfile .
+        docker run -t libcsuit_ossl
diff --git a/.github/workflows/docker-image-ossl3.yml b/.github/workflows/docker-image-ossl3.yml
@@ -16,4 +16,6 @@ jobs:
     steps:
     - uses: actions/checkout@v3
     - name: Build the Docker image
-      run: docker run -t $(docker build -q -f ossl3.Dockerfile .)
+      run: |
+        docker build -t libcsuit_ossl3 -f ossl3.Dockerfile .
+        docker run -t libcsuit_ossl3
diff --git a/.github/workflows/docker-image-psa.yml b/.github/workflows/docker-image-psa.yml
@@ -16,4 +16,6 @@ jobs:
     steps:
     - uses: actions/checkout@v3
     - name: Build the Docker image
-      run: docker run -t $(docker build -q -f psa.Dockerfile .)
+      run: |
+        docker build -t libcsuit_psa -f psa.Dockerfile .
+        docker run -t libcsuit_psa
diff --git a/Makefile.process b/Makefile.process
@@ -12,10 +12,9 @@ LDWRAP = \
 	-Xlinker --wrap=suit_invoke_callback \
 	-Xlinker --wrap=suit_condition_callback
 
-INC = $(CMD_INC) -I ./inc -I ./examples/inc
+INC = $(CMD_INC) -I ./inc -I ./examples/inc -I ./testfiles
 TARGET = ./bin/suit_manifest_process
 SRCS = \
-	examples/suit_manifest_process_main.c \
 	examples/suit_examples_common.c \
 	examples/suit_examples_cose.c \
 	src/suit_common.c \
@@ -25,30 +24,38 @@ SRCS = \
 	src/suit_manifest_callbacks.c \
 	src/suit_manifest_decode.c \
 	src/suit_manifest_encode.c \
-	src/suit_manifest_print.c
+	src/suit_manifest_print.c \
+	examples/suit_manifest_process_main.c
 OBJS = $(addprefix ./obj/,$(patsubst %.c,%.o,$(SRCS)))
+BINARIES = \
+	testfiles/suit_manifest_expU.cbor.h \
+	testfiles/config.json.h \
+	testfiles/suit_manifest_expS0.cbor.h \
+	testfiles/encrypted_image_aes.bin.h
 
 ifeq ($(MBEDTLS),1)
     # use MbedTLS
     CFLAGS += -DLIBCSUIT_PSA_CRYPTO_C=1
-    #LDFLAGS += -lmbedtls -lmbedx509
     LDFLAGS += -lmbedcrypto
 else
     # use OpenSSL
     LDFLAGS += -lcrypto
 endif
 
 .PHONY: all
-all: $(TARGET)
+all: $(BINARIES) $(TARGET)
 
 include Makefile.common
 
 $(TARGET): $(OBJS) | ./bin
-	$(CC) $(LDWRAP) -o $@ $^ $(LDFLAGS)
+	$(CC) $(LDWRAP) -o $@ $(OBJS) $(LDFLAGS)
 
 ./obj/%.o: %.c | ./obj/src ./obj/examples
 	$(CC) $(CFLAGS) $(INC) $(CMD_LINE) -o $@ -c $<
 
+./testfiles/%.h:
+	$(MAKE) -C testfiles $<
+
 define test-one
 	$(TARGET) ./testfiles/suit_manifest_exp$(1).cbor || exit 1
 
@@ -61,5 +68,6 @@ test: all
 
 .PHONY: clean
 clean:
+	$(MAKE) -C testfiles
 	$(RM) $(OBJS) $(TARGET)
 
diff --git a/examples/suit_manifest_process_main.c b/examples/suit_manifest_process_main.c
@@ -27,123 +27,17 @@
 #include "trust_anchor_a128_cose_key_secret.h"
 #include "device_es256_cose_key_private.h"
 
-const uint8_t tc_uri[] = {
-    0x68, 0x74, 0x74, 0x70, 0x73, 0x3A, 0x2F, 0x2F, 0x65, 0x78,
-    0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x6F, 0x72, 0x67, 0x2F,
-    0x38, 0x64, 0x38, 0x32, 0x35, 0x37, 0x33, 0x61, 0x2D, 0x39,
-    0x32, 0x36, 0x64, 0x2D, 0x34, 0x37, 0x35, 0x34, 0x2D, 0x39,
-    0x33, 0x35, 0x33, 0x2D, 0x33, 0x32, 0x64, 0x63, 0x32, 0x39,
-    0x39, 0x39, 0x37, 0x66, 0x37, 0x34, 0x2E, 0x74, 0x61
-}; // "https://example.org/8d82573a-926d-4754-9353-32dc29997f74.ta";
-const uint8_t tc_data[] = {
-    0x48, 0x65, 0x6C, 0x6C, 0x6F, 0x2C, 0x20, 0x53, 0x65, 0x63,
-    0x75, 0x72, 0x65, 0x20, 0x57, 0x6F, 0x72, 0x6C, 0x64, 0x21
-}; // "Hello, Secure World!"
-const uint8_t depend_uri[] = {
-    0x68, 0x74, 0x74, 0x70, 0x73, 0x3A, 0x2F, 0x2F, 0x65, 0x78,
-    0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x6F, 0x72, 0x67, 0x2F,
-    0x38, 0x64, 0x38, 0x32, 0x35, 0x37, 0x33, 0x61, 0x2D, 0x39,
-    0x32, 0x36, 0x64, 0x2D, 0x34, 0x37, 0x35, 0x34, 0x2D, 0x39,
-    0x33, 0x35, 0x33, 0x2D, 0x33, 0x32, 0x64, 0x63, 0x32, 0x39,
-    0x39, 0x39, 0x37, 0x66, 0x37, 0x34, 0x2E, 0x73, 0x75, 0x69,
-    0x74
-}; // "https://example.org/8d82573a-926d-4754-9353-32dc29997f74.suit";
-const uint8_t depend_suit[] = {
-    0xA2, 0x02, 0x58, 0x73, 0x82, 0x58, 0x24, 0x82, 0x2F, 0x58,
-    0x20, 0xB3, 0x9B, 0x52, 0xB0, 0xB7, 0x47, 0xEA, 0x79, 0x58,
-    0x8C, 0x19, 0x0F, 0x56, 0x7B, 0xFC, 0x2C, 0x84, 0x37, 0xBA,
-    0x8A, 0x73, 0xF7, 0xEA, 0x98, 0x31, 0x82, 0xE7, 0x9F, 0x01,
-    0x48, 0xD5, 0x9B, 0x58, 0x4A, 0xD2, 0x84, 0x43, 0xA1, 0x01,
-    0x26, 0xA0, 0xF6, 0x58, 0x40, 0x80, 0xE5, 0x4A, 0xB4, 0x85,
-    0xB3, 0x20, 0xA6, 0x16, 0x54, 0x66, 0x63, 0x62, 0x92, 0x8B,
-    0x15, 0xEA, 0xAA, 0xBF, 0xE6, 0x95, 0x7B, 0x1B, 0xCB, 0x65,
-    0xF1, 0x6A, 0x36, 0x7E, 0x4B, 0x19, 0x88, 0x8B, 0xFF, 0xDB, 
-    0xD6, 0xF7, 0xEA, 0x28, 0x92, 0xFA, 0x36, 0xFA, 0x18, 0xA2,
-    0xFC, 0xB5, 0xDB, 0xFE, 0xC9, 0x83, 0x2E, 0x09, 0xB9, 0x1E,
-    0xD9, 0xCD, 0x34, 0x8A, 0xB7, 0x7E, 0x25, 0xFA, 0x74, 0x03,
-    0x59, 0x01, 0x08, 0xA6, 0x01, 0x01, 0x02, 0x03, 0x03, 0x58,
-    0x84, 0xA2, 0x02, 0x81, 0x84, 0x4B, 0x54, 0x45, 0x45, 0x50,
-    0x2D, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x48, 0x53, 0x65,
-    0x63, 0x75, 0x72, 0x65, 0x46, 0x53, 0x50, 0x8D, 0x82, 0x57,
-    0x3A, 0x92, 0x6D, 0x47, 0x54, 0x93, 0x53, 0x32, 0xDC, 0x29,
-    0x99, 0x7F, 0x74, 0x42, 0x74, 0x61, 0x04, 0x58, 0x54, 0x86, 
-    0x14, 0xA4, 0x01, 0x50, 0xC0, 0xDD, 0xD5, 0xF1, 0x52, 0x43,
-    0x56, 0x60, 0x87, 0xDB, 0x4F, 0x5B, 0x0A, 0xA2, 0x6C, 0x2F,
-    0x02, 0x50, 0xDB, 0x42, 0xF7, 0x09, 0x3D, 0x8C, 0x55, 0xBA,
-    0xA8, 0xC5, 0x26, 0x5F, 0xC5, 0x82, 0x0F, 0x4E, 0x03, 0x58,
-    0x24, 0x82, 0x2F, 0x58, 0x20, 0x8C, 0xF7, 0x1A, 0xC8, 0x6A,
-    0xF3, 0x1B, 0xE1, 0x84, 0xEC, 0x7A, 0x05, 0xA4, 0x11, 0xA8,
-    0xC3, 0xA1, 0x4F, 0xD9, 0xB7, 0x7A, 0x30, 0xD0, 0x46, 0x39,
-    0x74, 0x81, 0x46, 0x94, 0x68, 0xEC, 0xE8, 0x0E, 0x14, 0x01,
-    0x0F, 0x02, 0x0F, 0x05, 0x84, 0x4B, 0x54, 0x45, 0x45, 0x50,
-    0x2D, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x48, 0x53, 0x65,
-    0x63, 0x75, 0x72, 0x65, 0x46, 0x53, 0x50, 0x8D, 0x82, 0x57,
-    0x3A, 0x92, 0x6D, 0x47, 0x54, 0x93, 0x53, 0x32, 0xDC, 0x29,
-    0x99, 0x7F, 0x74, 0x44, 0x73, 0x75, 0x69, 0x74, 0x14, 0x58,
-    0x45, 0x86, 0x14, 0xA1, 0x15, 0x78, 0x3B, 0x68, 0x74, 0x74,
-    0x70, 0x73, 0x3A, 0x2F, 0x2F, 0x65, 0x78, 0x61, 0x6D, 0x70,
-    0x6C, 0x65, 0x2E, 0x6F, 0x72, 0x67, 0x2F, 0x38, 0x64, 0x38,
-    0x32, 0x35, 0x37, 0x33, 0x61, 0x2D, 0x39, 0x32, 0x36, 0x64,
-    0x2D, 0x34, 0x37, 0x35, 0x34, 0x2D, 0x39, 0x33, 0x35, 0x33,
-    0x2D, 0x33, 0x32, 0x64, 0x63, 0x32, 0x39, 0x39, 0x39, 0x37,
-    0x66, 0x37, 0x34, 0x2E, 0x74, 0x61, 0x15, 0x0F, 0x03, 0x0F,
-    0x18, 0x18, 0x44, 0x82, 0x18, 0x21, 0x0F,
-}; // suit_manifest_expU.md
-const uint8_t config_uri[] = {
-    0x68, 0x74, 0x74, 0x70, 0x73, 0x3A, 0x2F, 0x2F, 0x65, 0x78,
-    0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x6F, 0x72, 0x67, 0x2F,
-    0x63, 0x6F, 0x6E, 0x66, 0x69, 0x67, 0x2E, 0x6A, 0x73, 0x6F,
-    0x6E
-}; // "https://example.org/config.json";
-const uint8_t config_data[] = {
-    0x7B, 0x22, 0x6E, 0x61, 0x6D, 0x65, 0x22, 0x3A, 0x20, 0x22,
-    0x46, 0x4F, 0x4F, 0x20, 0x42, 0x61, 0x72, 0x22, 0x2C, 0x20,
-    0x22, 0x74, 0x6F, 0x6B, 0x65, 0x6E, 0x22, 0x3A, 0x20, 0x22,
-    0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39,
-    0x61, 0x62, 0x66, 0x63, 0x64, 0x65, 0x66, 0x30, 0x31, 0x32,
-    0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63,
-    0x64, 0x65, 0x22, 0x7D
-};// "{\"name\": \"FOO Bar\", \"token\": \"0123456789abfcdef0123456789abcde\"}";
-const uint8_t dependency_uri[] = {
-    0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x65, 0x78, 0x61,
-    0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x64,
-    0x65, 0x70, 0x65, 0x6E, 0x64, 0x65, 0x6E, 0x74, 0x2E, 0x73,
-    0x75, 0x69, 0x74
-}; // "http://example.com/dependent.suit
-const uint8_t dependency_data[] = {
-    0xD8, 0x6B, 0xA2, 0x02, 0x58, 0x73, 0x82, 0x58, 0x24, 0x82,
-    0x2F, 0x58, 0x20, 0x0F, 0x02, 0xCA, 0xF6, 0xD3, 0xE6, 0x19,
-    0x20, 0xD3, 0x6B, 0xF3, 0xCE, 0xA7, 0xF8, 0x62, 0xA1, 0x3B,
-    0xB8, 0xFB, 0x1F, 0x09, 0xC3, 0xF4, 0xC2, 0x9B, 0x12, 0x1F,
-    0xEA, 0xB7, 0x8E, 0xF3, 0xD8, 0x58, 0x4A, 0xD2, 0x84, 0x43,
-    0xA1, 0x01, 0x26, 0xA0, 0xF6, 0x58, 0x40, 0xD0, 0x70, 0x3E,
-    0xA1, 0x93, 0xE1, 0x23, 0x81, 0xA6, 0x6F, 0xFA, 0xDE, 0xF2,
-    0xF0, 0x94, 0x97, 0x11, 0xCF, 0xE0, 0x5E, 0xD2, 0x32, 0x28,
-    0x18, 0xD7, 0x3D, 0x19, 0xF2, 0xBB, 0xD9, 0x1B, 0xE5, 0xC5,
-    0x2F, 0x16, 0x04, 0xB4, 0x5C, 0x40, 0x5E, 0x96, 0xB0, 0x64,
-    0x2F, 0x3D, 0x49, 0xB2, 0xD7, 0xC6, 0xE3, 0xB2, 0xC0, 0xB4,
-    0x00, 0x30, 0xBD, 0xDF, 0xBD, 0x27, 0xAF, 0x93, 0x0B, 0x1F,
-    0x8B, 0x03, 0x58, 0x42, 0xA6, 0x01, 0x01, 0x02, 0x00, 0x03,
-    0x47, 0xA1, 0x02, 0x81, 0x81, 0x42, 0x30, 0x30, 0x05, 0x81,
-    0x4E, 0x64, 0x65, 0x70, 0x65, 0x6E, 0x64, 0x65, 0x6E, 0x74,
-    0x2E, 0x73, 0x75, 0x69, 0x74, 0x09, 0x4D, 0x84, 0x14, 0xA1,
-    0x17, 0x46, 0x63, 0x61, 0x74, 0x20, 0x30, 0x30, 0x17, 0x0F,
-    0x14, 0x52, 0x84, 0x14, 0xA1, 0x12, 0x4B, 0x68, 0x65, 0x6C,
-    0x6C, 0x6F, 0x20, 0x77, 0x6F, 0x72, 0x6C, 0x64, 0x12, 0x0F
-}; // suit_manifest_expS0.suit
-const uint8_t encrypted_firmware_uri[] = {
-    0x68, 0x74, 0x74, 0x70, 0x73, 0x3A, 0x2F, 0x2F, 0x65, 0x78,
-    0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x2F,
-    0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x2D,
-    0x66, 0x69, 0x72, 0x6D, 0x77, 0x61, 0x72, 0x65
-}; // "https://example.com/encrypted-firmware"
-const uint8_t encrypted_firmware_data[] = {
-    0x75, 0x8C, 0x4B, 0x7B, 0xBA, 0xE2, 0xC4, 0xC1, 0xD4, 0x62,
-    0x42, 0x3E, 0x0F, 0x0D, 0xC3, 0x16, 0x4F, 0xFA, 0x7B, 0x85,
-    0xBB, 0x94, 0xD4, 0xBD, 0x6D, 0x7E, 0xD2, 0x6A, 0xB3, 0x2F, 
-    0xEB, 0x06, 0x33, 0x85, 0xD4, 0xD3, 0x46, 0x59, 0x27, 0xEC,
-    0x82, 0xCB, 0x5E, 0x19, 0x8A, 0x59
-};
+#include "suit_manifest_expU.cbor.h"
+#include "config.json.h"
+#include "suit_manifest_expS0.cbor.h"
+#include "encrypted_image_aes.bin.h"
+
+const uint8_t tc_uri[] = "https://example.org/8d82573a-926d-4754-9353-32dc29997f74.ta";
+const uint8_t tc_data[] = "Hello, Secure World!";
+const uint8_t depend_uri[] = "https://example.org/8d82573a-926d-4754-9353-32dc29997f74.suit";
+const uint8_t config_uri[] = "https://example.org/config.json";
+const uint8_t dependency_uri[] = "http://example.com/dependent.suit";
+const uint8_t encrypted_firmware_uri[] = "https://example.com/encrypted-firmware";
 
 struct name_data {
     const uint8_t *name;
@@ -153,11 +47,11 @@ struct name_data {
 };
 #define SUIT_NAME_DATA_LEN 5
 const struct name_data name_data[] = {
-    {.name = tc_uri, .name_len = sizeof(tc_uri), .data = tc_data, .data_len = sizeof(tc_data)},
-    {.name = depend_uri, .name_len = sizeof(depend_uri), .data = depend_suit, .data_len = sizeof(depend_suit)},
-    {.name = config_uri, .name_len = sizeof(config_uri), .data = config_data, .data_len = sizeof(config_data)},
-    {.name = dependency_uri, .name_len = sizeof(dependency_uri), .data = dependency_data, .data_len = sizeof(dependency_data)},
-    {.name = encrypted_firmware_uri, .name_len = sizeof(encrypted_firmware_uri), .data = encrypted_firmware_data, .data_len = sizeof(encrypted_firmware_data)},
+    {.name = tc_uri, .name_len = sizeof(tc_uri) - 1, .data = tc_data, .data_len = sizeof(tc_data) - 1},
+    {.name = depend_uri, .name_len = sizeof(depend_uri) - 1, .data = suit_manifest_expU_cbor, .data_len = suit_manifest_expU_cbor_len},
+    {.name = config_uri, .name_len = sizeof(config_uri) - 1, .data = config_json, .data_len = config_json_len},
+    {.name = dependency_uri, .name_len = sizeof(dependency_uri) - 1, .data = suit_manifest_expS0_cbor, .data_len = suit_manifest_expS0_cbor_len},
+    {.name = encrypted_firmware_uri, .name_len = sizeof(encrypted_firmware_uri) - 1, .data = encrypted_image_aes_bin, .data_len = encrypted_image_aes_bin_len},
 };
 
 suit_err_t __real_suit_fetch_callback(suit_fetch_args_t fetch_args, suit_fetch_ret_t *fetch_ret);

diff --git a/ossl.Dockerfile b/ossl.Dockerfile
@@ -5,7 +5,7 @@ FROM debian:latest
 ENV DEBIAN_FRONTEND=noninteractive
 
 RUN apt-get update
-RUN apt-get -y install curl git gcc make libcunit1-dev libssl-dev
+RUN apt-get -y install curl git gcc make xxd libcunit1-dev libssl-dev
 
 RUN git clone --depth 1 https://github.com/laurencelundblade/QCBOR.git /root/QCBOR
 WORKDIR /root/QCBOR

diff --git a/ossl3.Dockerfile b/ossl3.Dockerfile
@@ -5,7 +5,7 @@ FROM ubuntu:22.04
 ENV DEBIAN_FRONTEND=noninteractive
 
 RUN apt-get update
-RUN apt-get -y install curl git clang make libcunit1-dev libssl-dev
+RUN apt-get -y install curl git clang make xxd libcunit1-dev libssl-dev
 
 RUN git clone --depth 1 https://github.com/laurencelundblade/QCBOR.git /root/QCBOR
 WORKDIR /root/QCBOR

diff --git a/psa.Dockerfile b/psa.Dockerfile
@@ -5,7 +5,7 @@ FROM debian:latest
 ENV DEBIAN_FRONTEND=noninteractive
 
 RUN apt-get update
-RUN apt-get -y install curl git gcc make libcunit1-dev python3
+RUN apt-get -y install curl git gcc make xxd libcunit1-dev python3
 
 RUN git clone -b v3.1.0 --depth 1 https://github.com/Mbed-TLS/mbedtls.git /root/mbedtls
 WORKDIR /root/mbedtls

diff --git a/testfiles/.gitignore b/testfiles/.gitignore
@@ -1 +1,2 @@
 suit_manifest_expX.cbor
+*.h
diff --git a/testfiles/Makefile b/testfiles/Makefile
@@ -0,0 +1,15 @@
+#
+# Copyright (c) 2020-2024 SECOM CO., LTD. All Rights reserved.
+#
+# SPDX-License-Identifier: BSD-2-Clause
+#
+
+.PHONY: all
+all: suit_manifest_expU.cbor.h config.json.h suit_manifest_expS0.cbor.h encrypted_image_aes.bin.h
+
+%.h: %
+	xxd -i $< | sed -e 's/^unsigned char/const uint8_t/' -e 's/^unsigned int/const size_t/' > $@
+
+.PHONY: clean
+clean:
+	$(RM) *.h